2a60fc86fb6134d3fa9dbc6a5c652b90_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a60fc86fb6134d3fa9dbc6a5c652b90_JaffaCakes118
Size

272KB
MD5

2a60fc86fb6134d3fa9dbc6a5c652b90
SHA1

85c7d701aa847c6f318236f492f3f710d1494c54
SHA256

8a5dca6f730f3b9891bc9783181cd2fd66a0f9fe7927f368e4cddfc85ed3dd3c
SHA512

234b441f81a2b394b821585e171cce83214757db02c9197ee00a440b16309a412ae4fdd5e34c692879a6b6015a890ebe894ef99f5ff467b58b0e63e92d5457d4
SSDEEP

6144:Vw3gH0Ah2Lbo+aB0OQLRJlpOzOuCWnLf3wkjU9Gp2NemEKR:Vwu0AgLaWOugVnrpjSGpLV2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a60fc86fb6134d3fa9dbc6a5c652b90_JaffaCakes118

Files

2a60fc86fb6134d3fa9dbc6a5c652b90_JaffaCakes118
.dll windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Exports

Exports

CreateMainProc
CreateProtectProc
DllCanUnloadNow
DllGetClassObject
RealLogoff
RealLogon
Setup

Sections

.text
Size: 241KB - Virtual size: 724KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE